Nearly One Billion Emails & Personal Details Leaked from Verifications.io, Source was Picasa API?

What happened to Verifications.io after data leak?

Verifications.io took down their website after the leak was uncovered and they have refused requests for a comment on the situation.
Very few is known about the people behind the business with its backers maintaining their anonymity due to the dubious tactics it employs. Verifications.io domain is now available as a premium domain on Name.com for fresh registration in just around 5000 USD.

What was exposed in the email data breach?

All records contained the detailed profile information about the email owner. Millions of businesses profiles were also found in the email data breach. These records appear to mostly be made up of publicly available data. While no passwords were in the email data breach, all of the following were found:

  • Email addresses
  • Full names
  • Gender
  • Date of birth
  • Residence Details
  • Work and Designation etc.

How Verifications.io got your data?

This is the trending question that how Verifications.io got your data? After doing a lot of research i found that thousands of these type of marketing agencies were using Google Picasa Api to validate email address and to get detailed profile information about the email owner. Previously i also wrote two articles that how marketers and spammers were using Picasa Api to validate emails and to get detailed profile information about the email owner. Here is the Proof

Should you be worried?

Although the databases were accessible for some time, as soon as the problem was disclosed to Verifications.io, the service was taken offline and remains so. But marketing companies who having this data will start emailing in bulk. It also puts people at risk for robo calls and phishing attacks, which will try to lure even more personal information out of people.

--

--

I am a Entrepreneur, Security Researcher & Growth Hacker. https://www.rajaharia.com/

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Rajshekhar Rajaharia

Rajshekhar Rajaharia

I am a Entrepreneur, Security Researcher & Growth Hacker. https://www.rajaharia.com/